Subject: Re: misc/143: Setuid programs installed unreadable
To: Chris G. Demetriou <cgd@postgres.Berkeley.EDU>
From: Peter da Silva <peter@Taronga.COM>
List: netbsd-bugs
Date: 03/01/1994 05:07:49

> > I don't get it. Since anyone can FTP the source to these things, how does
> > making the binaries unreadable help?
>
> Just because you, i, or anyone on the internet can ftp the source to
> them, that doesn't mean that "anyone" can do it -- there are sites
> off the net, or on "company-internal" networks that have just as much
> (if not more) to worry about re: security than you or i.

Well, then, you need to make any binaries run from crontab as root unreadable
as well. If you're really going to run that sort of security you should
probably make *everything* in /bin unreadable that isn't a script.
Oh yeh, libs. Better make them statically linked as well.
Better to have a command that makes everything unreadable that can be safely
made unreadable. Call it "lockup". Now that'd actually be useful...
--
Peter da Silva, 77272-0711 USA `-_-'
Have you hugged your wolf today? 'U`
Waitress, this dish is still moving!
------------------------------------------------------------------------------
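A sketch of what the "lockup" command proposed in the message above might look like, added here as an illustration and not part of the original message or of NetBSD. The function names and the choice to recognise scripts by a leading `#!` are assumptions, and shared libraries, which the message also mentions, are not handled.

```shell
#!/bin/sh
# lockup sketch (added example): find executables that could lose group/other
# read permission, following the rule in the message above: everything in a
# directory such as /bin that is not a script. Scripts are skipped because the
# interpreter has to open and read them as the invoking user.
# Limitation: file names containing newlines are not handled.

# True if the file starts with "#!" (bytes 0x23 0x21).
is_script() {
    [ "$(dd if="$1" bs=2 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n')" = "2321" ]
}

# Print regular files under $1 that have an execute bit set, are readable by
# group or others, and are not "#!" scripts.
lockup_candidates() {
    find "$1" -type f \
        \( -perm -100 -o -perm -010 -o -perm -001 \) \
        \( -perm -040 -o -perm -004 \) -print |
    while IFS= read -r f; do
        is_script "$f" || printf '%s\n' "$f"
    done
}

# Remove group/other read permission from every candidate under $1.
lockup_apply() {
    lockup_candidates "$1" |
    while IFS= read -r f; do
        chmod go-r "$f" && printf 'locked %s\n' "$f"
    done
}

# Run as a script with a directory argument: dry run, list candidates only.
if [ "$#" -gt 0 ]; then
    lockup_candidates "$1"
fi
```

Run with a directory argument it only lists candidates; `lockup_apply` is what changes modes, so the list can be reviewed first.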